DHCP connections when our IVM is hosted

As of 1 year ago our Insight IVM console is cloud/hosted. I’ve been unable to re-establish Microsoft DHCP Discovery connections since then because our DHCP servers are internal to Active Directory and therefore have no reason to be public-facing or to be NAT-ed. Obviously there is also no means for authentication, etc.

If I am understanding R7 support - and I am not sure I am - they are suggesting that installing a scan engine on each of our DHCP servers will accomplish this. That makes no sense to me - and even if it works it seems a very heavy-handed approach.

Are there any Rapid7 customer/colleagues who have the same scenario and have DHCP discovery connections working? If so I’d love to know how you did it. I keep getting pointed back to an R7 KB that references Windows Server 2008 and 2012 and does not distinguish between on-prem vs. hosted IVM when creating DHCP discovery connections.

TIA.

Craig

Rapid7 support clarified that a scan engine does not need to be installed on each DHCP server - just that an existing scan engine has to be selected when setting up the DHCP discovery connection. That brings me right back to how I had it set up before migration to cloud and that I can’t seem to get working again.

I’ll post back if I figure it out.

Resolved

  • rebuilt DHCP log directories and share permissions
  • created shared credential for Active Directory account used for the DHCP Discovery connection
  • rebuilt DHCP discovery connections using shared credential and //ip_address/share syntax

Craig

Thanks for sharing the resolution.